Skip to main content

Netskope Help

CTEP/IPS Threat Content Update Release Notes 97.1.1.246

Refer to the following summary of signatures deployed on 19th September, 2022 with the IPS content release:

  • Total signatures: 20080

  • Signatures added : 16

  • Signatures modified: 0

  • Signatures removed: 418

Signatures Added

SID

Description

Reference

60547

OS-WINDOWS Microsoft Windows privilege escalation attempt

CVE-2022-37957

60550

OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt

CVE-2022-34729

60552

OS-WINDOWS DirectX Graphics kernel use after free attempt

CVE-2022-37954

60554

OS-WINDOWS ALPC Port Object elevation of privilege attempt

CVE-2022-34725

60556

OS-WINDOWS Windows Common Log File System driver escalation of privileges attempt

CVE-2022-35803

150181

MALWARE-CNC EK.Kaixin.Traffic Redirect detected

No reference

150183

MALWARE-CNC EK.Scanbox.PSI Traffic detected

No reference

150182

MALWARE-CNC EK.Nuclear.Swf Traffic detected

No reference

150184

MALWARE-CNC EK.Sbelevo.Maze Traffic detected

No reference

150277

MALWARE-CNC A100-858 Exploit Kit Activity - HUNTER Landing Page

No reference

150279

MALWARE-CNC A100-852 Exploit Kit Activity - HUNTER CVE-2013-2419 JRE Exploit

No reference

150278

MALWARE-CNC A100-856 Exploit Kit Activity - HUNTER CVE-2015-5119 Adobe Flash Player

No reference

150177

MALWARE-CNC EK.Sedkit Traffic detected

No reference

150179

MALWARE-CNC EK.APT33.Ruler Homepage detected

No reference

150280

MALWARE-CNC A100-805 Exploit Kit Activity - GREENFLASH SUNDOWN Exploit Kit HERMES Download

No reference

150281

MALWARE-CNC A100-804 Exploit Kit Activity - GREENFLASH SUNDOWN Exploit Kit CVE-2018-4878 Flash Exploit

No reference

Signatures Removed

The following Signatures were removed due to False Positives (FP's):

  • 16236

  • 15877

  • 13474

  • 41144

  • 47064

  • 13514

  • 60183

  • 59892

  • 50456

  • 149188